Skip to main content

What Does a Cybersecurity Analyst Do?

Cybersecurity analysts work to defend their organization and its data from cyberthreats. Responsibilities can vary, but they typically involve monitoring systems and alerts.
A cybersecurity analyst working at her desk with a laptop and two monitors with cyber code in front of her.

Understanding the numbers
When reviewing job growth and salary information, it’s important to remember that actual numbers can vary due to many different factors—like years of experience in the role, industry of employment, geographic location, worker skill and economic conditions. Cited projections are based on Bureau of Labor Statistics data, not on SNHU graduate outcomes, and do not guarantee actual salary or job growth.

The role and responsibilities of a cybersecurity analyst vary by team and organization. But whether you’re working on a Security Operations Center (SOC) team — or perhaps with incident response or insider threats, the mission is the same: Defend an organization from cyberthreats.

What Exactly Do Cybersecurity Analysts Do?

Glen Mitchell, cybersecurity instructor at SNHU.
Glen Mitchell

While the work of a cybersecurity analyst varies, it may involve monitoring alerts — particularly when you’re starting out, according to Glen Mitchell, an adjunct at SNHU who got his start in cybersecurity in 2001 with the U.S. Army.

Now a senior manager for cyber operations at a hospital, Mitchell said the systems you’ll monitor as a cybersecurity analyst may include:

  • Endpoint Detection and Response (EDR) tools
  • Remote access and communication tools
  • Security Information and Event Management (SIEM) solutions
  • Threat intelligence feeds
  • Organization ticketing platforms

Working as a cybersecurity analyst involves critical thinking and investigation. “This is not just a technical job but one crafted out of the intelligence sector, with a need to understand social aspects of users and operations,” Mitchell said. “To be better at our (job), we merely cannot delete the bad file that triggered the alert but understand how the file got there.”

He said that involves asking questions such as:

  • What was the user doing to receive the bad file?
  • What else did the bad file do to the system?
  • What were the attacker’s intentions?
  • What did the attacker get the user to do?
  • What technical or training changes need to be made?

“In our role, we will never know everything, but we need to (be) able to adapt, pivot and know where to look when we do not have the answer readily available,” Mitchell said.

Want to explore other options in the field? Here are 10 jobs to consider with an online bachelor's in cybersecurity.

A Day in the Life of a Security Analyst

Gina Cramer, a bachelor's in cybersecurity graduate and instructor at SNHU.
Gina Cramer '20

When Gina Cramer ’20 finished her cybersecurity degree at SNHU, she began working as a security analyst for a global financial services company.

“In the beginning, I was learning how to scan, was doing the research on vulnerabilities and getting familiar with different things, shadowing people,” Cramer said. “So, my main responsibility at the time was just scanning the applications.”

As Cramer gained experience, she started building on her role as an analyst.

While she continues to do Application Programming Interfaces (API) scanning today, her role has grown. She conducts peer reviews of reports submitted to other teams and vendors to ensure they’re accurate and well-presented. She also updates templates, creates documentation and mentors others.

While her days can vary, she said they typically go as follows:

  • Attend morning team meetings
  • Review emails and other notifications received overnight
  • Conduct peer reviews with global time zones in mind
  • Scan applications and learn to navigate new ones
  • Complete paperwork and research related to updates

Cramer also handles “fires” — or situations requiring immediate attention — as they arise. “So, my day is kind of structured,” she said. “But you never know when it's going to go off the rails.”

Are you hoping to launch your career in this field, too? Read more about whether a cybersecurity degree is worth it.

Find Your Program

Do Cybersecurity Analysts Get Paid Well?

Cybersecurity analysts, also known as information security analysts, typically out-earn other professions, according to the U.S. Bureau of Labor Statistics (BLS).* But what you make will depend on many factors, including your location, experience level and industry.

In 2024, according to BLS, information security analysts earned a median salary of $124,910 — two and a half times more than the median salary for all occupations.*

The lowest 10% of information security analysts earned less than $69,660 in 2024, BLS reported — likely a more realistic target if you’re starting in the field.*

What Are the Skills Required for a Cybersecurity Analyst?

As you can imagine, cybersecurity analysts require technical knowledge that can be gained through educational programs, such as a certificate or degree. There are also important soft skills and abilities in this field.

Cyndie Ramirez, a 2018 graduate from SNHU with a bachelor's degree in information technology with a concentration in cybersecurity.
Cyndie Ramirez '18

According to Cyndie Ramirez ’18, you need an investigative mindset and the ability to think outside of the box when you look into problems.

After earning her bachelor’s in information technology with a concentration in cybersecurity, Ramirez joined the field as a SOC analyst. From there, she transitioned to an insider threat team within the same organization, where she became a senior analyst — and now a senior manager.

Some aspects of a cybersecurity analyst job can involve high stress and test your stamina. Ramirez said it’s important to have self-awareness and recognize and prevent burnout, particularly when responding to incidents.

Communication and a desire to keep learning are also essential for success in this field.

Communication

Cybersecurity analysts collaborate with a lot of teams and users. Some of these people are technicians and administrators with equally technical backgrounds, while others have little or no background in the field. BLS noted that you must be able to tailor your communication, which could include high-stakes information about threats, to different audiences.

"You have to be able to communicate well and get through the technical jargon because they may not be that savvy with it," Cramer said. She found that the analytical thinking and writing assignments she did as a cybersecurity student helped her hone this skill.

Plus, as a peer reviewer for her team, she ensures reports are professional, accurate, grammatically sound and edited consistently for the stakeholders receiving them.

Drive to Learn

In this role — and throughout the cybersecurity field — you must be willing to adapt as industry and technology evolve.

“Once you land that role, it doesn't stop,” Ramirez said. “You definitely have to keep learning on your own.”

By continuing your education — whether that’s through taking courses, earning a cybersecurity certification or consuming industry news — you can avoid becoming stagnant in your career, she said. You’ll be better prepared to understand new threats to your organization.

“There will always be threat actors, and they will always be coming up with new things — new vulnerabilities to attack,” Cramer said. "The operating systems all change and update, and even though people are really good at what they do, when you get kind of narrow-minded and focused, you could miss those vulnerabilities.”


How to Get Cybersecurity Experience: Advice From a Grad

Getting Started

If you’re new to the field, you can learn more about how to become a cybersecurity analyst. Three qualification areas typically help: education, certification and experience.

When it comes time to apply for job roles, Ramirez encourages others to look for an analyst role on a SOC team, like she did.

“I had visibility and ability to work so many different types of incidents that I kind of thought about, okay, well, where do I want to be?” she said. “I worked with so many other teams, so it helped me understand where I wanted to go next.”

Discover more about SNHU's online bachelor's in cybersecurity: Find out what courses you'll take, skills you'll learn and how to request information about the program.

*Cited job growth projections may not reflect local and/or short-term economic or job conditions and do not guarantee actual job growth. Actual salaries and/or earning potential may be the result of a combination of factors including, but not limited to: years of experience, industry of employment, geographic location, and worker skill.


Rebecca LeBoeuf Blanchette '18 '22G is a writer at Southern New Hampshire University, where she fulfills her love of learning daily through conversations with professionals across a range of fields. She earned her Bachelor of Arts in Communication with a minor in Professional Writing at SNHU’s campus in Manchester, New Hampshire, and followed her love of storytelling into the online Master of Arts in English and Creative Writing at SNHU. Connect with her on LinkedIn.

Explore more content like this article

People wandering on an abstract illustration of a digital landscape with glowing blue lines and vertical light beams.

How to Start in Cybersecurity With No Experience

At one point, every professional lacked the knowledge and skills critical to their work today. They started as beginners — and it’s no different in cybersecurity. If you're wondering how to start in cybersecurity with no experience in the field, here's what worked for two career-changing SNHU grads.
A woman walking into a dark computer lab glowing in blue.

What Does a Chief Information Security Officer Do?

The Chief Information Security Officer (CISO) is a high-level leadership role in the C-suite, alongside a company’s CEO and other chief executives. If you plan to climb the career ladder to this position, you'll need to understand the job and what your road to it might look like.
A person using a tablet with icons hovering in the air, including a blue lock to represent cybersecurity.

Top 10 Jobs With an Online Bachelor’s in Cybersecurity

If you have a thirst for learning — and an analytical mind to back it up — cybersecurity might be the right direction for your future. To start charting your path, explore 10 different roles in the field that you might pursue with a bachelor's degree in cybersecurity.

About Southern New Hampshire University

Two students walking in front of Monadnock Hall

SNHU is a nonprofit, accredited university with a mission to make high-quality education more accessible and affordable for everyone.

Founded in 1932, and online since 1995, we’ve helped countless students reach their goals with flexible, career-focused programs. Our 300-acre campus in Manchester, NH is home to over 3,000 students, and we serve over 135,000 students online. Visit our about SNHU page to learn more about our mission, accreditations, leadership team, national recognitions and awards.